Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

UISI: Alice does not encrypt for Bob #26567

Closed
kegsay opened this issue Nov 13, 2023 · 1 comment
Closed

UISI: Alice does not encrypt for Bob #26567

kegsay opened this issue Nov 13, 2023 · 1 comment
Labels
A-Element-R Issues affecting the port of Element's crypto layer to Rust T-Defect Z-Labs

Comments

@kegsay
Copy link
Contributor

kegsay commented Nov 13, 2023

Steps to reproduce

Given this test case, this can fail because:

[@user-2-bob:hs1] console.log    WARN matrix_sdk_crypto::machine: Failed to decrypt a room event: Can't find the room key to decrypt the event, withheld code: None
    at /home/runner/.cargo/git/checkouts/matrix-rust-sdk-1f4927f82a3d27bb/7440ce0/crates/matrix-sdk-crypto/src/machine.rs:1513
    in matrix_sdk_crypto::machine::decrypt_room_event with room_id="!srZZtCsrpUMQZviMzy:hs1" sender="@user-1-alice:hs1" event_id="$tjgtkiA8rDy1tHcXDxaBN9QwcukLqnmmIxUZBrZEHhc" algorithm="m.megolm.v1.aes-sha2" sender_key="curve25519:NV/9yneJS3T/lH0TZdVLEDk4Ld3veH+nQG5cy2/KmXU" session_id="Cr7zjpSFe5n+MG4k8/yoVPKEBGXlkMFf0uJvwV+B3EM"

This seems to be because Alice did not see Bob's device when she hit /keys/query prior to sending her message:

[@user-1-alice:hs1] console.log   TRACE matrix_sdk_crypto::store::caches: Flagging user for key query, user: "@user-2-bob:hs1", sequence_number: 1
...
[@user-1-alice:hs1] console.log   DEBUG matrix_sdk_crypto::identities::manager: Created a /keys/query request, request_id: "8503e92bb9414f0ebd8cfbc3e7384fb4", users: ["@user-1-alice:hs1", "@user-2-bob:hs1"]
...
[@user-1-alice:hs1] console.log   DEBUG matrix_sdk_crypto::identities::manager: Handling a keys query response, request_id: "8503e92bb9414f0ebd8cfbc3e7384fb4", users: {"@user-1-alice:hs1", "@user-2-bob:hs1"}, failures: {}
...
[@user-1-alice:hs1] console.log   DEBUG matrix_sdk_crypto::identities::manager: Finished handling of the keys/query response, request_id: "8503e92bb9414f0ebd8cfbc3e7384fb4", new_devices: {}, changed_devices: {"@user-1-alice:hs1": {"LQSTRGAHYZ"}}, deleted_devices: {}, new_identities: {}, changed_identities: {}

I'm not sure why this happens though. Using:

  • JS SDK: 29.1.0
  • Synapse: v1.95.0

One interesting point with the test is whilst both Alice and Bob are registered prior to the test proper, Bob does not have OTKs at the time alice starts to sync, because bob := MustLoginClient is called after alice.StartSyncing(t). I wonder if this is affecting the /keys/query response somehow (which may imply it's a Synapse issue?).

Outcome

What did you expect?

The message was decrypted.

What happened instead?

The message was not decrypted.

Operating system

macOS

Browser information

Chrome

URL for webapp

N/A

Application version

JS SDK: 29.1.0

Homeserver

Synapse v1.95.0

Will you send logs?

Full logs attached.
js-js-happy-case-fail.log

@richvdh richvdh added the A-Element-R Issues affecting the port of Element's crypto layer to Rust label Nov 13, 2023
@richvdh
Copy link
Member

richvdh commented Jan 12, 2024

I think this is expected behaviour. It happens because Bob doesn't upload OTKs / device keys by the time Alice hits /keys/query -- so effectively Bob's device doesn't exist at the time Alice sends the message.

It crosses over somewhat with more general "device lists may not be up-to-date" (element-hq/element-meta#2411).

@richvdh richvdh closed this as completed Jan 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
A-Element-R Issues affecting the port of Element's crypto layer to Rust T-Defect Z-Labs
Projects
None yet
Development

No branches or pull requests

2 participants